Posted: Thursday, February 1, 2018 7:36 AM

U.S. Bank is seeking an experienced **Senior Threat Management Engineer** with demonstrated competence and thought leadership capability to contribute toward the success of our Information Security technology initiatives.

The duties of the Senior Threat Management Engineer include understanding the current threat landscape and managing detection and protection measures across all security controls. This position will require extensive knowledge of the security space as it relates to technology, social, and cyber threats. The candidate must be able to review and track detected incidents, identify new exploits and/or threats, develop mitigation strategies, and enforce incident reporting standards. The candidate needs to be able to identify the necessary actions required to investigate and contain threats. The candidate must have a proactive computer network defense mindset, which they use to develop comprehensive remediation strategies and provide technical guidance.

This is a high visibility, high stress position. The candidate will work to continuously improve our ability to detect, respond to, and recover from security events and the current threat landscape, directing the efforts of technical and business line teams and determining options and courses of action to counter potential attackers. Actions taken by this individual impact the security and functionality of the enterprise IT for the entire bank.
+ Supervise record maintenance for all threat management activities.
+ Develop and contribute to threat management framework, requirements and strategy.
+ Develop and maintain standard operating procedure (SOP) documentation.
+ Analyze threats and vulnerabilities to determine their impact to U.S. Bank's operations.
+ Establish and maintain cohesive working relationships with team members, management, key strategic business partners, and vendors.
+ Understand the threat actor's Tactics, Techniques and Procedures.
+ Conduct investigations and eDiscovery efforts involving court-proven forensic processes and technologies.
+ Conduct post-mortem evaluations on cyber security incidents and lead table-top threat management exercises.
+ Lead bank proactive response and mitigation of major security incidents including clear and concise communications to senior executives, regulators, and auditors.
+ Proactively researches emerging cyber threats. Applies expert understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.
+ Acquires and applies expert knowledge of the business, its products and processes.
+ Directs analyses and root cause identification; develops and recommends business solutions impacting the enterprise.
+ Monitors efforts of less experienced peers and team members and provides input on performance appraisals. Leads and motivates cross-functional team members in strategy development and implementation of business solutions.
+ Candidates must be well versed in common network scanning tools that support network discovery, compliance reporting, and vulnerability assessment.
+ Candidates must be well versed in reviewing, analyzing, and commenting on secure network design and operational requirements (e.g. NIST SP 800-53r5, etc.).
**Basic Qualifications**
+ Bachelor's degree in Engineering or Science, or equivalent work experience
+ Eight or more years of experience in information security
+ Two or more years of experience in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
**Preferred Qualifications**
+ Must possess strong analytical & evaluative thinking
+ Demonstrated excellent customer service
+ Conceptual understanding of the cyber kill chain
+ Awareness of the latest cyber-intelligence collection trends and developments
+ Experience developing threat briefings for consumption by senior management
+ Strong understanding of Windows API and internals
+ Ability to complete dynamic analysis of malware
+ Ability to extract host and network-based IOCs to provide requirements for detection and prevention
+ Ability to work nontraditional working hours when necessary
+ Understanding of network protocols and services
+ Strong written and verbal skills with the ability to present complex concepts at high level
+ Programming and scripting experience
+ Understanding of networking, system administration, architectures and security elements
+ Experience implementing and tuning a wide range of information security tools
+ Experience in Concept and TTP development for emulation of Cyber Adversaries
+ Experience in Remote exploitation technical capabilities and TTP.
+ Experience in Close Access Team technical capabilities and TTP.
+ Experience in Management of hardware/software operational infrastructure associated with Red Team types of attack platforms.
+ Experience in Operation of commercial and open source network cyber assessment tools (e.g. Core Impact and Rapid7 Metasploit).
+ Experience in Computer network platforms, architecture, programming languages and/or development/testing methodology for networked systems.
+ Experience in Operational Risk Management (ORM) concepts and application.
+ Experience in Application of industry standards for secure software development and lifecycle management.
+ Experience in Design, development, testing, modification and operational application of attack and exploitation tools (to include familiarity with industry standard software engineering concepts and languages such as C, Python, PHP, etc.).
+ Experience in Exploitation and vulnerabilities associated with most common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.).
+ Experience in improvising courses of action (COAs) and capability development/modification during operations (i.e. remote access/exploitation and close access team operations) to achieve desired red teaming effects.
+ Experience in Development, modification, and utilization of network enumeration engines, Open Source Research (OSR) engines, and reverse engineering exploitation frameworks.
+ Experience in Development of network systems and architectures to allow Red Team operations in a non-traceable and non-attributable manner.
+ Experience in Development of advanced hacking capabilities (e.g. botnet, client deception, advanced Trojans, data exfiltration, mobile device discovery and exploitation).
**Job:** Information Technology
**Primary Location:** Ohio-OH-Cincinnati
**Shift:** 1st - Daytime
**Average Hours Per Week:** 40
**Requisition ID:** 170037931
**Other Locations:** United States
U.S. Bank is an Equal Opportunity Employer committed to creating a diverse workforce.


• Location: Charleston

• Post ID: 10805897